xref: /openbsd-src/libexec/ld.so/util.c (revision b722ba42570161220f25c5d789b5bec8a0166743) 
1*b722ba42Sguenther /*	$OpenBSD: util.c,v 1.49 2022/01/08 06:49:41 guenther Exp $	*/
292d4e326Sdrahn 
392d4e326Sdrahn /*
492d4e326Sdrahn  * Copyright (c) 1998 Per Fogelstrom, Opsycon AB
592d4e326Sdrahn  *
692d4e326Sdrahn  * Redistribution and use in source and binary forms, with or without
792d4e326Sdrahn  * modification, are permitted provided that the following conditions
892d4e326Sdrahn  * are met:
992d4e326Sdrahn  * 1. Redistributions of source code must retain the above copyright
1092d4e326Sdrahn  *    notice, this list of conditions and the following disclaimer.
1192d4e326Sdrahn  * 2. Redistributions in binary form must reproduce the above copyright
1292d4e326Sdrahn  *    notice, this list of conditions and the following disclaimer in the
1392d4e326Sdrahn  *    documentation and/or other materials provided with the distribution.
1492d4e326Sdrahn  *
1592d4e326Sdrahn  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
1692d4e326Sdrahn  * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
1792d4e326Sdrahn  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
1892d4e326Sdrahn  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
1992d4e326Sdrahn  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
2092d4e326Sdrahn  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
2192d4e326Sdrahn  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
2292d4e326Sdrahn  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
2392d4e326Sdrahn  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
2492d4e326Sdrahn  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
2592d4e326Sdrahn  * SUCH DAMAGE.
2692d4e326Sdrahn  *
2792d4e326Sdrahn  */
2841c230b7Sdrahn 
2941c230b7Sdrahn #include <sys/types.h>
30606620c4Sguenther #include <syslog.h>
31*b722ba42Sguenther 
32*b722ba42Sguenther #include "syscall.h"
33*b722ba42Sguenther #include "util.h"
34702424caSguenther #include "resolve.h"
354e496f3dSmortimer #define KEYSTREAM_ONLY
364e496f3dSmortimer #include "chacha_private.h"
3741c230b7Sdrahn 
38466246deSderaadt #ifndef _RET_PROTECTOR
3941c230b7Sdrahn /*
40fb929c0dSmiod  * Stack protector dummies.
41fb929c0dSmiod  * Ideally, a scheme to compile these stubs from libc should be used, but
42fb929c0dSmiod  * this would end up dragging too much code from libc here.
43fb929c0dSmiod  */
4432f715b8Smatthew long __guard_local __dso_hidden __attribute__((section(".openbsd.randomdata")));
45896cf611Sderaadt 
465b36bcefSderaadt void __stack_smash_handler(char [], int);
475b36bcefSderaadt 
48fb929c0dSmiod void
__stack_smash_handler(char func[],int damaged)49bca1ae43Snaddy __stack_smash_handler(char func[], int damaged)
50fb929c0dSmiod {
51eeec8592Sderaadt 	char message[256];
529df30356Sderaadt 
539df30356Sderaadt 	/* <10> indicates LOG_CRIT */
549df30356Sderaadt 	_dl_strlcpy(message, "<10>ld.so:", sizeof message);
55702424caSguenther 	_dl_strlcat(message, __progname, sizeof message);
56eeec8592Sderaadt 	if (_dl_strlen(message) > sizeof(message)/2)
57eeec8592Sderaadt 		_dl_strlcpy(message + sizeof(message)/2, "...",
58eeec8592Sderaadt 		    sizeof(message) - sizeof(message)/2);
599df30356Sderaadt 	_dl_strlcat(message, " stack overflow in function ", sizeof message);
609df30356Sderaadt 	_dl_strlcat(message, func, sizeof message);
619df30356Sderaadt 
6246afc4a4Sbluhm 	_dl_sendsyslog(message, _dl_strlen(message), LOG_CONS);
633b50b772Sguenther 	_dl_diedie();
64fb929c0dSmiod }
65466246deSderaadt #endif /* _RET_PROTECTOR */
66fb929c0dSmiod 
6741c230b7Sdrahn char *
_dl_strdup(const char * orig)6841c230b7Sdrahn _dl_strdup(const char *orig)
6941c230b7Sdrahn {
7041c230b7Sdrahn 	char *newstr;
71c827e20bSotto 	size_t len;
72fb2271a5Sderaadt 
730a7d94daSdrahn 	len = _dl_strlen(orig)+1;
740a7d94daSdrahn 	newstr = _dl_malloc(len);
75c827e20bSotto 	if (newstr != NULL)
760a7d94daSdrahn 		_dl_strlcpy(newstr, orig, len);
7741c230b7Sdrahn 	return (newstr);
7841c230b7Sdrahn }
7941c230b7Sdrahn 
80466246deSderaadt #define KEYSZ 32
81466246deSderaadt #define IVSZ  8
82466246deSderaadt #define REKEY_AFTER_BYTES (1 << 31)
83466246deSderaadt static chacha_ctx chacha;
84466246deSderaadt static size_t chacha_bytes;
85466246deSderaadt 
86636d9123Smatthew void
_dl_arc4randombuf(void * buf,size_t buflen)874e496f3dSmortimer _dl_arc4randombuf(void *buf, size_t buflen)
88636d9123Smatthew {
894e496f3dSmortimer 	if (chacha_bytes == 0) {
904e496f3dSmortimer 		char bytes[KEYSZ + IVSZ];
91f5484333Smiod 
924e496f3dSmortimer 		if (_dl_getentropy(bytes, KEYSZ + IVSZ) != 0)
933b50b772Sguenther 			_dl_die("no entropy");
944e496f3dSmortimer 		chacha_keysetup(&chacha, bytes, KEYSZ * 8);
954e496f3dSmortimer 		chacha_ivsetup(&chacha, bytes + KEYSZ);
964e496f3dSmortimer 		if (_dl_getentropy(bytes, KEYSZ + IVSZ) != 0)
974e496f3dSmortimer 			_dl_die("could not clobber rng key");
981b2af952Stedu 	}
994e496f3dSmortimer 
1004e496f3dSmortimer 	chacha_encrypt_bytes(&chacha, buf, buf, buflen);
1014e496f3dSmortimer 
1024e496f3dSmortimer 	if (REKEY_AFTER_BYTES - chacha_bytes < buflen)
1034e496f3dSmortimer 		chacha_bytes = 0;
104f5484333Smiod 	else
1054e496f3dSmortimer 		chacha_bytes += buflen;
106636d9123Smatthew }
107636d9123Smatthew 
10881526992Sderaadt u_int32_t
_dl_arc4random(void)109acb148b1Sderaadt _dl_arc4random(void)
1102c770406Sdrahn {
11181526992Sderaadt 	u_int32_t rnd;
112fa3953dbSderaadt 
113acb148b1Sderaadt 	_dl_arc4randombuf(&rnd, sizeof(rnd));
1142c770406Sdrahn 	return (rnd);
1152c770406Sdrahn }
116